

package com.amiba.crm.admin.auth.config;

import lombok.AllArgsConstructor;
import lombok.SneakyThrows;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

/**
 * 资源服务器
 */
@Configuration
@EnableResourceServer
@AllArgsConstructor
public class ResourceServerConfigurer extends ResourceServerConfigurerAdapter {

    @Override
    @SneakyThrows
    public void configure(HttpSecurity http){

        http.authorizeRequests()
                .antMatchers(
                    "/actuator/**",
                    "/oauth/removeToken",
                    "/oauth/delToken/*",
                    "/oauth/listToken",
                    "/code",
                    "/notify/**","/wechatApi/**",
                    "/quartz/**").permitAll()
            .anyRequest().authenticated()
            .and().csrf().disable();
    }

    /**
     * 密码加密
     * @return PasswordEncoder
     */
    @Bean
    public PasswordEncoder passwordEncoder() {

        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

}
